// expected_slashed ($meta_key)
$meta_key = stripslashes($meta_key);
$meta_value = stripslashes_deep($meta_value);
+ $meta_value = sanitize_meta( $meta_key, $meta_value, $meta_type );
$check = apply_filters( "add_{$meta_type}_metadata", null, $object_id, $meta_key, $meta_value, $unique );
if ( null !== $check )
// expected_slashed ($meta_key)
$meta_key = stripslashes($meta_key);
$meta_value = stripslashes_deep($meta_value);
+ $meta_value = sanitize_meta( $meta_key, $meta_value, $meta_type );
$check = apply_filters( "update_{$meta_type}_metadata", null, $object_id, $meta_key, $meta_value, $prev_value );
if ( null !== $check )
/**
* Given a meta query, generates SQL clauses to be appended to a main query
*
- * @since 3.1.0
- * @access private
+ * @since 3.2.0
*
- * @param array $meta_query List of metadata queries. A single query is an associative array:
- * - 'key' string The meta key
- * - 'value' string|array The meta value
- * - 'compare' (optional) string How to compare the key to the value.
- * Possible values: '=', '!=', '>', '>=', '<', '<=', 'LIKE', 'NOT LIKE', 'IN', 'NOT IN', 'BETWEEN', 'NOT BETWEEN'.
- * Default: '='
- * - 'type' string (optional) The type of the value.
- * Possible values: 'NUMERIC', 'BINARY', 'CHAR', 'DATE', 'DATETIME', 'DECIMAL', 'SIGNED', 'TIME', 'UNSIGNED'.
- * Default: 'CHAR'
+ * @see WP_Meta_Query
*
- * @param string $meta_type
+ * @param array (optional) $meta_query A meta query
+ * @param string $type Type of meta
* @param string $primary_table
* @param string $primary_id_column
* @param object $context (optional) The main query object
* @return array( 'join' => $join_sql, 'where' => $where_sql )
*/
-function _get_meta_sql( $meta_query, $meta_type, $primary_table, $primary_id_column, $context = null ) {
- global $wpdb;
-
- if ( ! $meta_table = _get_meta_table( $meta_type ) )
- return false;
-
- $meta_id_column = esc_sql( $meta_type . '_id' );
-
- $join = '';
- $where = '';
- $i = 0;
- foreach ( $meta_query as $q ) {
- $meta_key = isset( $q['key'] ) ? trim( $q['key'] ) : '';
- $meta_value = isset( $q['value'] ) ? $q['value'] : '';
- $meta_compare = isset( $q['compare'] ) ? strtoupper( $q['compare'] ) : '=';
- $meta_type = isset( $q['type'] ) ? strtoupper( $q['type'] ) : 'CHAR';
-
- if ( ! in_array( $meta_compare, array( '=', '!=', '>', '>=', '<', '<=', 'LIKE', 'NOT LIKE', 'IN', 'NOT IN', 'BETWEEN', 'NOT BETWEEN' ) ) )
- $meta_compare = '=';
-
- if ( 'NUMERIC' == $meta_type )
- $meta_type = 'SIGNED';
- elseif ( ! in_array( $meta_type, array( 'BINARY', 'CHAR', 'DATE', 'DATETIME', 'DECIMAL', 'SIGNED', 'TIME', 'UNSIGNED' ) ) )
- $meta_type = 'CHAR';
-
- if ( empty( $meta_key ) && empty( $meta_value ) )
- continue;
-
- $alias = $i ? 'mt' . $i : $meta_table;
+function get_meta_sql( $meta_query = false, $type, $primary_table, $primary_id_column, $context = null ) {
+ $meta_query_obj = new WP_Meta_Query( $meta_query );
+ return $meta_query_obj->get_sql( $type, $primary_table, $primary_id_column, $context );
+}
- $join .= "\nINNER JOIN $meta_table";
- $join .= $i ? " AS $alias" : '';
- $join .= " ON ($primary_table.$primary_id_column = $alias.$meta_id_column)";
+/**
+ * Container class for a multiple metadata query
+ *
+ * @since 3.2.0
+ */
+class WP_Meta_Query {
+ /**
+ * List of metadata queries. A single query is an associative array:
+ * - 'key' string The meta key
+ * - 'value' string|array The meta value
+ * - 'compare' (optional) string How to compare the key to the value.
+ * Possible values: '=', '!=', '>', '>=', '<', '<=', 'LIKE', 'NOT LIKE', 'IN', 'NOT IN', 'BETWEEN', 'NOT BETWEEN'.
+ * Default: '='
+ * - 'type' string (optional) The type of the value.
+ * Possible values: 'NUMERIC', 'BINARY', 'CHAR', 'DATE', 'DATETIME', 'DECIMAL', 'SIGNED', 'TIME', 'UNSIGNED'.
+ * Default: 'CHAR'
+ *
+ * @since 3.2.0
+ * @access public
+ * @var array
+ */
+ public $queries = array();
+
+ /**
+ * The relation between the queries. Can be one of 'AND' or 'OR'.
+ *
+ * @since 3.2.0
+ * @access public
+ * @var string
+ */
+ public $relation;
+
+ /**
+ * Constructor
+ *
+ * @param array (optional) $meta_query A meta query
+ */
+ function __construct( $meta_query = false ) {
+ if ( !$meta_query )
+ return;
+
+ if ( isset( $meta_query['relation'] ) && strtoupper( $meta_query['relation'] ) == 'OR' ) {
+ $this->relation = 'OR';
+ } else {
+ $this->relation = 'AND';
+ }
- $i++;
+ $this->queries = array();
- if ( !empty( $meta_key ) )
- $where .= $wpdb->prepare( " AND $alias.meta_key = %s", $meta_key );
+ foreach ( $meta_query as $key => $query ) {
+ if ( ! is_array( $query ) )
+ continue;
- if ( in_array( $meta_compare, array( 'IN', 'NOT IN', 'BETWEEN', 'NOT BETWEEN' ) ) ) {
- if ( ! is_array( $meta_value ) )
- $meta_value = preg_split( '/[,\s]+/', $meta_value );
- } else {
- $meta_value = trim( $meta_value );
+ $this->queries[] = $query;
}
+ }
- if ( empty( $meta_value ) )
- continue;
-
- if ( 'IN' == substr( $meta_compare, -2) ) {
- $meta_compare_string = '(' . substr( str_repeat( ',%s', count( $meta_value ) ), 1 ) . ')';
- } elseif ( 'BETWEEN' == substr( $meta_compare, -7) ) {
- $meta_value = array_slice( $meta_value, 0, 2 );
- $meta_compare_string = '%s AND %s';
- } elseif ( 'LIKE' == substr( $meta_compare, -4 ) ) {
- $meta_value = '%' . like_escape( $meta_value ) . '%';
- $meta_compare_string = '%s';
- } else {
- $meta_compare_string = '%s';
+ /**
+ * Constructs a meta query based on 'meta_*' query vars
+ *
+ * @since 3.2.0
+ * @access public
+ *
+ * @param array $qv The query variables
+ */
+ function parse_query_vars( $qv ) {
+ $meta_query = array();
+
+ // Simple query needs to be first for orderby=meta_value to work correctly
+ foreach ( array( 'key', 'compare', 'type' ) as $key ) {
+ if ( !empty( $qv[ "meta_$key" ] ) )
+ $meta_query[0][ $key ] = $qv[ "meta_$key" ];
}
- // @todo Temporary hack to support empty values. Do not use outside of core.
- if ( '_wp_zero_value' == $meta_value )
- $meta_value = 0;
+ // WP_Query sets 'meta_value' = '' by default
+ if ( isset( $qv[ 'meta_value' ] ) && '' !== $qv[ 'meta_value' ] )
+ $meta_query[0]['value'] = $qv[ 'meta_value' ];
+
+ if ( !empty( $qv['meta_query'] ) && is_array( $qv['meta_query'] ) ) {
+ $meta_query = array_merge( $meta_query, $qv['meta_query'] );
+ }
- $where .= $wpdb->prepare( " AND CAST($alias.meta_value AS {$meta_type}) {$meta_compare} {$meta_compare_string}", $meta_value );
+ $this->__construct( $meta_query );
}
- return apply_filters_ref_array( 'get_meta_sql', array( compact( 'join', 'where' ), $meta_query, $meta_type, $primary_table, $primary_id_column, &$context ) );
-}
+ /**
+ * Generates SQL clauses to be appended to a main query.
+ *
+ * @since 3.2.0
+ * @access public
+ *
+ * @param string $type Type of meta
+ * @param string $primary_table
+ * @param string $primary_id_column
+ * @param object $context (optional) The main query object
+ * @return array( 'join' => $join_sql, 'where' => $where_sql )
+ */
+ function get_sql( $type, $primary_table, $primary_id_column, $context = null ) {
+ global $wpdb;
+
+ if ( ! $meta_table = _get_meta_table( $type ) )
+ return false;
+
+ $meta_id_column = esc_sql( $type . '_id' );
+
+ $join = array();
+ $where = array();
+
+ foreach ( $this->queries as $k => $q ) {
+ $meta_key = isset( $q['key'] ) ? trim( $q['key'] ) : '';
+ $meta_compare = isset( $q['compare'] ) ? strtoupper( $q['compare'] ) : '=';
+ $meta_type = isset( $q['type'] ) ? strtoupper( $q['type'] ) : 'CHAR';
+
+ if ( ! in_array( $meta_compare, array( '=', '!=', '>', '>=', '<', '<=', 'LIKE', 'NOT LIKE', 'IN', 'NOT IN', 'BETWEEN', 'NOT BETWEEN' ) ) )
+ $meta_compare = '=';
+
+ if ( 'NUMERIC' == $meta_type )
+ $meta_type = 'SIGNED';
+ elseif ( ! in_array( $meta_type, array( 'BINARY', 'CHAR', 'DATE', 'DATETIME', 'DECIMAL', 'SIGNED', 'TIME', 'UNSIGNED' ) ) )
+ $meta_type = 'CHAR';
+
+ $i = count( $join );
+ $alias = $i ? 'mt' . $i : $meta_table;
+
+ // Set JOIN
+ $join[$i] = "INNER JOIN $meta_table";
+ $join[$i] .= $i ? " AS $alias" : '';
+ $join[$i] .= " ON ($primary_table.$primary_id_column = $alias.$meta_id_column)";
+
+ $where[$k] = '';
+ if ( !empty( $meta_key ) )
+ $where[$k] = $wpdb->prepare( "$alias.meta_key = %s", $meta_key );
+
+ if ( !isset( $q['value'] ) ) {
+ if ( empty( $where[$k] ) )
+ unset( $join[$i] );
+ continue;
+ }
+
+ $meta_value = $q['value'];
+
+ if ( in_array( $meta_compare, array( 'IN', 'NOT IN', 'BETWEEN', 'NOT BETWEEN' ) ) ) {
+ if ( ! is_array( $meta_value ) )
+ $meta_value = preg_split( '/[,\s]+/', $meta_value );
+
+ if ( empty( $meta_value ) ) {
+ unset( $join[$i] );
+ continue;
+ }
+ } else {
+ $meta_value = trim( $meta_value );
+ }
+
+ if ( 'IN' == substr( $meta_compare, -2) ) {
+ $meta_compare_string = '(' . substr( str_repeat( ',%s', count( $meta_value ) ), 1 ) . ')';
+ } elseif ( 'BETWEEN' == substr( $meta_compare, -7) ) {
+ $meta_value = array_slice( $meta_value, 0, 2 );
+ $meta_compare_string = '%s AND %s';
+ } elseif ( 'LIKE' == substr( $meta_compare, -4 ) ) {
+ $meta_value = '%' . like_escape( $meta_value ) . '%';
+ $meta_compare_string = '%s';
+ } else {
+ $meta_compare_string = '%s';
+ }
+
+ if ( ! empty( $where[$k] ) )
+ $where[$k] .= ' AND ';
+
+ $where[$k] = ' (' . $where[$k] . $wpdb->prepare( "CAST($alias.meta_value AS {$meta_type}) {$meta_compare} {$meta_compare_string})", $meta_value );
+ }
-/**
- * Populates the $meta_query property
- *
- * @access private
- * @since 3.1.0
- *
- * @param array $qv The query variables
- */
-function _parse_meta_query( &$qv ) {
- $meta_query = array();
+ $where = array_filter( $where );
- // Simple query needs to be first for orderby=meta_value to work correctly
- foreach ( array( 'key', 'value', 'compare', 'type' ) as $key ) {
- if ( !empty( $qv[ "meta_$key" ] ) )
- $meta_query[0][ $key ] = $qv[ "meta_$key" ];
- }
+ if ( empty( $where ) )
+ $where = '';
+ else
+ $where = ' AND (' . implode( "\n{$this->relation} ", $where ) . ' )';
- if ( !empty( $qv['meta_query'] ) && is_array( $qv['meta_query'] ) ) {
- $meta_query = array_merge( $meta_query, $qv['meta_query'] );
- }
+ $join = implode( "\n", $join );
+ if ( ! empty( $join ) )
+ $join = ' ' . $join;
- $qv['meta_query'] = $meta_query;
+ return apply_filters_ref_array( 'get_meta_sql', array( compact( 'join', 'where' ), $this->queries, $type, $primary_table, $primary_id_column, $context ) );
+ }
}
/**
return $wpdb->$table_name;
}
+
+/**
+ * Determine whether a meta key is protected
+ *
+ * @since 3.1.3
+ *
+ * @param string $meta_key Meta key
+ * @return bool True if the key is protected, false otherwise.
+ */
+function is_protected_meta( $meta_key, $meta_type = null ) {
+ $protected = ( '_' == $meta_key[0] );
+
+ return apply_filters( 'is_protected_meta', $protected, $meta_key, $meta_type );
+}
+
+/**
+ * Sanitize meta value
+ *
+ * @since 3.1.3
+ *
+ * @param string $meta_key Meta key
+ * @param mixed $meta_value Meta value to sanitize
+ * @param string $meta_type Type of meta
+ * @return mixed Sanitized $meta_value
+ */
+function sanitize_meta( $meta_key, $meta_value, $meta_type = null ) {
+ return apply_filters( 'sanitize_meta', $meta_value, $meta_key, $meta_type );
+}
+
?>
scripts.mit.edu / autoinstalls / wordpress.git / blobdiff